| Taking note: XSS to RCE in the Simplenote Electron client |
|
|
|
| App Maker and Colaboratory: a stored Google XSS double-bill |
|
|
|
| Managed Apps and Music: a tale of two XSSes in Google Play |
|
|
|
| Road to (unauthenticated) recovery: downloading GitHub SSO bypass codes |
|
|
|
| A pair of Plotly bugs: Stored XSS and AWS Metadata SSRF |
|
|
|
| From RSS to XXE: feed parsing on Hootsuite |
|
|
|
| Lightweight markup: a trio of persistent XSS in GitLab |
|
|
|
writeups.xyz
/
Yasin Soliman (@SecurityYasin)